This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Orion Log Viewer the New and Improved Version of the Syslog and Trap Viewers

katieb over 5 years ago

While the existing syslog and trap functionality that ships with the Orion Platform has served us well over the last several years, there has always been some room for improvement. For example, we would sometimes hear from users that syslog collection would bog down their database or that it was inconvenient to manage logs outside the web console. Another common issue raised was around the lack of integration with Orion alerting.

As we built Log Analyzer, we wanted to do something about this valuable functionality that also seemed to be causing issues for our users. That’s where Orion Log Viewer comes in.

Orion Log Viewer (or OLV for short) is built on the Orion Platform and is a subset of SolarWinds Log Analyzer’s functionality. It shares the same systems requirements as LA and gives you the ability to collect, view, filter, search, manage, and alert on syslogs and traps from within your SolarWinds web interface. And the best part is, NPM users can get this updated functionality for no additional cost.

OLV will not only make it easier to manage your logs, but also give you extra visibility into performance issues by including syslog and trap data in your PerfStack dashboards. The additional context can help speed root cause investigation and troubleshooting. Additionally, both OLV and LA use the same alert engine as the other Orion-based products, nearly doubling the amount of alert actions you can take from your logs and reducing the number of alert engines you have to learn and maintain.

Orion Log Viewer also ships with its own database specifically designed for log collection. Lessening the impact of collecting logs on your Orion database. You can see how each of the different versions of the logging tools compare in this knowledge base article.

As mentioned earlier, OLV is a subset of Log Analyzer, so to get this updated functionality, you need to download and install a free trial of Log Analyzer on the same server as your NPM instance. At the end of the 30-day trial, if you decide not to purchase LA, the additional functionality that it provides will simply turn off. All that will remain is the functionality provided with Orion Log Viewer. At that time, OLV will be supported at the same level as your NPM license. If you decide later to upgrade to Log Analyzer, simply activate a license key and the functionality will return.

One note for those using the existing syslog and trap functionality. Installing Log Analyzer/OLV will override your existing rules. This means your previously configured syslog and trap rules and alerts will no longer be active. While there is no migration path for existing rules or log data to transfer to OLV, they will continue to be readable.

Orion Log Viewer is the future of syslogs and traps in Orion. We would love to get your feedback on the tool, so we can continue to improve it and support you.

Top Replies

Parents

0 k1gaudineer over 4 years ago

So Far..... NOT a Fan.... The previous syslog viewer I have been using for the last 16 years with Orion is far easier to use, far easier to understand and is infinitely faster. We have 18 polling engines and thousands of devices sending syslogs 24 x 7. With the old syslog viewer if I wanted to research something all that was necessary was to partially match a message apply the search to all servers and BAM you had results filtered and viewable in a fraction of a second. With the new log viewer the queries constantly time out. In the end you are needing to take many extra steps just to get the viewer to look at the proper message from the proper host. You either have to search for the host or sometimes you need to engage the help of a system admin who can SSH or telnet to the device and send you a portion of the syslog and then go back to the web view and perform more searches so a filter can be built that doesn't make the query choke and time out. With the previous version once you have just a portion of the message you wanted you could follow the tabs across the top all the way to having a custom HTML alert message sent in just a few seconds. The new log viewer this can take minutes... Searching is so difficult that we are actually looking at using Kiwi syslog for the searches.
Cancel
Vote Up +2 Vote Down

Cancel

Reply

0 k1gaudineer over 4 years ago

So Far..... NOT a Fan.... The previous syslog viewer I have been using for the last 16 years with Orion is far easier to use, far easier to understand and is infinitely faster. We have 18 polling engines and thousands of devices sending syslogs 24 x 7. With the old syslog viewer if I wanted to research something all that was necessary was to partially match a message apply the search to all servers and BAM you had results filtered and viewable in a fraction of a second. With the new log viewer the queries constantly time out. In the end you are needing to take many extra steps just to get the viewer to look at the proper message from the proper host. You either have to search for the host or sometimes you need to engage the help of a system admin who can SSH or telnet to the device and send you a portion of the syslog and then go back to the web view and perform more searches so a filter can be built that doesn't make the query choke and time out. With the previous version once you have just a portion of the message you wanted you could follow the tabs across the top all the way to having a custom HTML alert message sent in just a few seconds. The new log viewer this can take minutes... Searching is so difficult that we are actually looking at using Kiwi syslog for the searches.
Cancel
Vote Up +2 Vote Down

Cancel

Children

No Data